Our Purpose
We work to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart and accessible. Using secure data and networks, partnerships and passion, our innovations and solutions help individuals, financial institutions, governments and businesses realize their greatest potential. Our decency quotient, or DQ, drives our culture and everything we do inside and outside of our company. We cultivate a culture of inclusion for all employees that respects their individual strengths, views, and experiences. We believe that our differences enable us to be a better team – one that makes better decisions, drives innovation and delivers better business results.
Title and Summary
Senior Software EngineerOverview• The Cryptographic Security Team is a dedicated collection of self-organizing, high-performing, interdependent individuals representing different functional roles with all the necessary skills to create the foundational capabilities that application teams develop on top of it
• This role is a senior software engineer on a team responsible for designing, developing, and delivering major cross-department initiatives with broad scope and long-term business implications.
• Candidates must be able to obtain a deep technical understanding of the applications/systems they are working on and must be willing to dig in and ask challenging questions to ensure that plans are executed efficiently.
• Candidates should have a strong interest in Corporate Security Engineering.
• Candidates must demonstrate strong software engineering and out-of-the-box problem-solving skills.
• Candidate will be responsible for researching alternative technical solutions for changing business needs.
Role
• Provide technical design and architecture advice to internal teams on securely developing and building applications and supporting systems pertaining to HSM.
• Create and execute automated processes for configuring, deploying, and upgrading HSM devices.
• Define secure mechanisms for critical business functions on-premises and in-cloud environments.
• Assist in the strategy, standards, and architecture for the SDLC's cryptography, PKI, and key management aspects, including application, mobile, web service, DevOps, cloud, and CI/CD efforts.
• Execute and own the baseline architecture implementations and design activities, collaborating with other engineers and engineering teams.
• Regularly communicate with management about risk analysis and design trade-offs.
• Work on Pre SDLC or Discovery activities, owning and contributing to assigned activities related to technical feasibility & assessment and providing responses.
• Identify performance bottlenecks and come up with novel ways to solve them.
• Work to define feature requirements and deliver the product that materially impacts the business and improves the consumer experience.
All about you
• Demonstrate a profound mastery of software engineering concepts and practices across all phases of the software development lifecycle, showcasing an exceptional breadth of knowledge and insight.
• Knowledge of cryptography, including several of the following: encryption, hashing, key management, digital certificates, TLS, PKCS#11, and confidential computing
• Possessing over a year of extensive hands-on experience with any HSM such as Luna, Entrust, Utimaco, and Payshield.
• Demonstrate technical competency in security engineering based on hands-on experience or relevant qualifications
• Working knowledge and technical security experience with UNIX, Linux, FreeBSD, AIX, or Windows.
• Hand-on experience in Shell Scripting (Unix/Windows)
• Proficient in any of the following programming languages: Java, Python, or Rust.
• Fundamental understanding of private or public cloud ecosystems and CI/CD practices.
• Desire to stay abreast of new development technologies and tools.
• Excellent interpersonal skills and ability to work in a collaborative environment.
• Strong communication skills, with an ability to express design ideas to a development team.
• BS in Computer Science or related technical field or equivalent practical experience.
Nice to have
• Working experience in a continuous integration development environment, preferably Jenkins.
• Proficiency in C, along with experience in multithreading and memory management
• Experience in secure software development.Mastercard is an inclusive equal opportunity employer that considers applicants without regard to gender, gender identity, sexual orientation, race, ethnicity, disabled or veteran status, or any other characteristic protected by law. In the US or Canada, if you require accommodations or assistance to complete the online application process or during the recruitment process, please contact reasonable_accommodation@mastercard.com and identify the type of accommodation or assistance you are requesting. Do not include any medical or health information in this email. The Reasonable Accommodations team will respond to your email promptly.
Corporate Security Responsibility
All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:
Abide by Mastercard’s security policies and practices;
Ensure the confidentiality and integrity of the information being accessed;
Report any suspected information security violation or breach, and
Complete all periodic mandatory security trainings in accordance with Mastercard’s guidelines.
In line with Mastercard’s total compensation philosophy and assuming that the job will be performed in the US, the successful candidate will be offered a competitive base salary based on location, experience and other qualifications for the role and may be eligible for an annual bonus or commissions depending on the role. Mastercard benefits for full time (and certain part time) employees generally include: insurance (including medical, prescription drug, dental, vision, disability, life insurance), flexible spending account and health savings account, paid leaves (including 16 weeks new parent leave, up to 20 paid days bereavement leave), 10 annual paid sick days, 10 or more annual paid vacation days based on level, 5 personal days, 10 annual paid U.S. observed holidays, 401k with a best-in-class company match, deferred compensation for eligible roles, fitness reimbursement or on-site fitness facilities, eligibility for tuition reimbursement, gender-inclusive benefits and many more.